Prohibits a federal agency from deploying or making available to the public a new federal personally identifiable information website (new Federal PII Website) until the chief information officer of the agency submits a certification to Congress that the website is fully functional and secure, as those terms are defined by this Act. Defines "new Federal PII website" as a website that: (1) is operated by (or under contract with) an agency; (2) elicits, collects, stores, or maintains personally identifiable information (i.e., information that can be used to identify an individual, such as a social security number, a date and place of birth, a mother's maiden name, biometric records, or other information linked to an individual); and (3) is first made accessible to the public and collects or stores personally identifiable information on or after October 1, 2012.

Exempts beta websites designed for testing and development if users execute an agreement acknowledging the risks involved.

Directs the Director of the Office of Management and Budget (OMB) to establish and oversee policies and procedures for federal agencies to follow in the event of a breach of information security involving the disclosure of personally identifiable information, including: (1) notice, not later than 72 hours after discovery of a breach or possible breach, to individuals whose personally identifiable information could be compromised as a result of such breach; (2) timely reporting to a federal cyber security center designated by this Act; and (3) any additional actions that the Director finds necessary and appropriate.

Requires: (1) agency heads to ensure that agency actions taken in response to a breach comply with OMB policies and procedures established by this Act; and (2) the OMB Director to report to Congress, not later than March 1 of each year, on agency compliance with such policies and procedures.

]]>2015-01-21002015-02-02T19:01:08ZIntroduced in House2015-01-21T05:00:00ZIntroduced in HouseSafe and Secure Federal Websites Act of 2015

This bill establishes security and privacy requirements for new federal websites that collect personally identifiable information (PII) (i.e., information that can be used to distinguish or trace the identity of an individual or that is linked or linkable to an individual).

(Sec. 2) A federal agency may not deploy or make available to the public a new federal PII website until the agency's chief information officer (CIO) certifies to Congress that the website is fully functional and secure. The CIO must make such certification within 90 days after enactment of this Act. After such 90-day period, any new federal PII website that has not been certified must be rendered inaccessible until certification is submitted.

The prohibition does not apply to a website that is: (1) operated entirely by an entity that is independent of the federal government, or (2) in a development or testing phase (beta website). The exemption for beta websites applies only if: (1) a member of the public may access PII-related portions of the website only after executing an agreement that acknowledges the risks involved; and (2) no agency compelled, enjoined, or otherwise provided incentives for a member of the public to access such website.

The bill defines a "new federal PII website" as a website that: (1) is operated by (or under contract with) an agency; (2) elicits, collects, stores, or maintains PII and is accessible to the public; and (3) is first made accessible to the public and collects or stores PII on or after October 1, 2012. The bill also sets forth requirements that must be met to deem a new federal PII website as "secure."

(Sec. 3) The Director of the Office of Management and Budget (OMB) must establish and oversee policies and procedures for federal agencies to follow in the event of a breach of information security involving the disclosure of PII, including: (1) notice, not later than 72 hours after discovery of a breach or possible breach, to individuals whose PII could be compromised; and (2) timely reporting to a federal cybersecurity center designated by the OMB and defined in this Act.

Agency heads must ensure that agency actions taken in response to a breach of information security involving the disclosure of PII comply with OMB policies and procedures established by this Act. The OMB must report to Congress, not later than March 1 of each year, on agency compliance with such policies and procedures.

A "federal cybersecurity center" is defined to include: (1) the Department of Defense Cyber Crime Center, (2) the Intelligence Community Incident Response Center, (3) the U.S. Cyber Command Joint Operations Center, (4) the National Cyber Investigative Task Force, (5) the Central Security Service Threat Operations Center of the National Security Agency, (6) the U.S. Computer Emergency Readiness Team, and (7) any center that the OMB determines is appropriate to carry out privacy breach notice and reporting requirements.

]]>2016-01-06172016-01-14T16:34:07ZReported to House with amendment(s)2016-01-06T15:31:37ZReported to House with amendment(s)DesJarlaisRFalseD00061681512062Scott42015-01-22Rep. DesJarlais, Scott [R-TN-4]TND000616ROHRABACHERRFalse979R0004097851DANA482015-01-28Rep. Rohrabacher, Dana [R-CA-48]CAR000409WestmorelandRA.FalseW00079617797900Lynn32015-01-28Rep. Westmoreland, Lynn A. [R-GA-3]GAW000796KellyRFalse2051K0003768708Mike32015-02-02Rep. Kelly, Mike [R-PA-3]PAK000376LummisRM.False1960L0005718225Cynthia02015-02-02Rep. Lummis, Cynthia M. [R-WY-At Large]WYL000571SENSENBRENNERRJAMESFalse1041S0002448218F.52015-02-02Rep. Sensenbrenner, F. James, Jr. [R-WI-5]WIS000244BlackburnRFalseB00124381541748Marsha72015-02-02Rep. Blackburn, Marsha [R-TN-7]TNB001243GuthrieRFalseG00055819227954Brett22015-02-02Rep. Guthrie, Brett [R-KY-2]KYG000558HurtRFalse2069H0010608196Robert52015-02-02Rep. Hurt, Robert [R-VA-5]VAH001060BenishekRFalseB00127120277986Dan12015-02-02Rep. Benishek, Dan [R-MI-1]MIB001271PoseyRFalse1915P0005997887Bill82015-02-02Rep. Posey, Bill [R-FL-8]FLP000599KlineRFalse1733K0003638002John22015-02-02Rep. Kline, John [R-MN-2]MNK000363WilsonRFalse1688W0007958142Joe22015-02-03Rep. Wilson, Joe [R-SC-2]SCW000795LattaRE.False1885L0005668095Robert52015-02-03Rep. Latta, Robert E. [R-OH-5]OHL000566FarentholdRFalseF00046081832067Blake272015-02-03Rep. Farenthold, Blake [R-TX-27]TXF000460ColeRFalse1742C0010538112Tom42015-02-03Rep. Cole, Tom [R-OK-4]OKC001053RokitaRFalse2017R0005927943Todd42015-02-03Rep. Rokita, Todd [R-IN-4]INR000592CALVERTRFalse165C0000597849KEN422015-02-04Rep. Calvert, Ken [R-CA-42]CAC000059RoskamRJ.False79261848R000580Peter62015-02-04Rep. Roskam, Peter J. [R-IL-6]ILR000580GriffithRMorganFalseG00056882002070H.92015-02-10Rep. Griffith, H. Morgan [R-VA-9]VAG000568KingRFalseK00036217247918Steve42015-02-10Rep. King, Steve [R-IA-4]IAK000362ThompsonRFalse1952T0004678123Glenn52015-02-10Rep. Thompson, Glenn [R-PA-5]PAT000467JenkinsRFalseJ00029019217950Lynn22015-02-10Rep. Jenkins, Lynn [R-KS-2]KSJ000290RossRA.False78842003R000593Dennis152015-02-10Rep. Ross, Dennis A. [R-FL-15]FLR000593SchockRFalse79381920S001179Aaron182015-02-10Rep. Schock, Aaron [R-IL-18]ILS001179CoffmanRFalseC00107719127864Mike62015-02-25Rep. Coffman, Mike [R-CO-6]COC001077FRELINGHUYSENRFalse414F0003728053RODNEY112015-02-25Rep. Frelinghuysen, Rodney P. [R-NJ-11]NJF000372LUCASRD.False711L0004918111FRANK32015-02-25Rep. Lucas, Frank D. [R-OK-3]OKL000491JohnsonRFalse2046J0002928096Bill62015-03-16Rep. Johnson, Bill [R-OH-6]OHJ000292AmodeiRE.FalseA00036983662090Mark22015-03-16Rep. Amodei, Mark E. [R-NV-2]NVA000369CramerRFalseC0010962144Kevin02015-03-16Rep. Cramer, Kevin [R-ND-At Large]NDC001096RoeRP.False81481954R000582David12015-03-16Rep. Roe, David P. [R-TN-1]TNR000582CarterRR.False1752C0010518187John312015-05-14Rep. Carter, John R. [R-TX-31]TXC001051SanfordRFalse1012S000051Mark12015-05-14Rep. Sanford, Mark [R-SC-1]SCS000051CollinsRFalseC0010922151Chris272015-05-18Rep. Collins, Chris [R-NY-27]NYC001092PittengerRFalseP0006062141Robert92015-05-18Rep. Pittenger, Robert [R-NC-9]NCP000606SchweikertRFalse1994S0011837802David62015-05-18Rep. Schweikert, David [R-AZ-6]AZS001183BarlettaRFalseB00126920548129Lou112015-05-18Rep. Barletta, Lou [R-PA-11]PAB0012692015-01-22T04:46:23ZH.R. 451, Safe and Secure Federal Websites Act of 2015https://www.cbo.gov/publication/502472015-05-29T21:02:44ZGovernment Operations and PoliticsSafe and Secure Federal Websites Act of 2015Administrative law and regulatory proceduresComputer security and identity theftGovernment information and archivesInternet and video servicesOffice of Management and Budget (OMB)Right of privacyGovernment Operations and Politics11111111H124102House floor actionsCalendarsPlaced on the Union Calendar, Calendar No. 293.2016-01-06H122002House floor actionsCommitteehttps://www.congress.gov/congressional-report/114th-congress/house-report/390H. Rept. 114-390hsgo00Oversight and Government Reform CommitteeReported (Amended) by the Committee on Oversight and Government Reform. H. Rept. 114-390.2016-01-0650009Library of CongressCommitteehttps://www.congress.gov/congressional-report/114th-congress/house-report/390H. Rept. 114-390hsgo00Oversight and Government Reform CommitteeReported (Amended) by the Committee on Oversight and Government Reform. H. Rept. 114-390.2016-01-062015-05-19hsgo00Oversight and Government Reform Committee1House committee actionsOrdered to be Reported (Amended) by Voice Vote.Committee2015-05-19hsgo00Oversight and Government Reform Committee1House committee actionsCommittee Consideration and Mark-up Session Held.CommitteeH111002House floor actionsIntroReferralhsgo00Oversight and Government Reform CommitteeReferred to the House Committee on Oversight and Government Reform.2015-01-21Intro-H9Library of CongressIntroReferralIntroduced in House2015-01-2110009Library of CongressIntroReferralIntroduced in House2015-01-2182015-01-211.0.0HRU00293[Congressional Record Volume 161, Number 10 (Wednesday, January 21, 2015)]From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]By Mr. FLEISCHMANN:H.R. 451.Congress has the power to enact this legislation pursuantto the following:Article 1, Section 8, Clause 18, which states the Congressshall have the power ``to make all laws which shall benecessary and proper for carrying into execution theforegoing powers, and all other powers vested by thisConstitution in the government of the United States, or inany department or officer thereof''[Page H481]]]>451Short Titles as Reported to HouseHouseSafe and Secure Federal Websites Act of 2015HShort Titles House of RepresentativesShort Titles as IntroducedSafe and Secure Federal Websites Act of 2015Official Title as IntroducedTo ensure the functionality and security of new Federal websites that collect personally identifiable information, and for other purposes.Display TitleSafe and Secure Federal Websites Act of 2015HouseOversight and Government Reform CommitteeStandinghsgo002016-01-07T01:04:25ZReported by2015-05-19T20:23:05ZMarkup by2015-01-21T15:05:35ZReferred to2018-11-08T23:27:14ZRep. Fleischmann, Charles J. "Chuck" [R-TN-3]F00045981502061FleischmannCharlesRJ. "Chuck"F0004593TNtext/xmlENPursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain.Congressional Research Service, Library of CongressThis file contains bill summaries and statuses for federal legislation. A bill summary describes the most significant provisions of a piece of legislation and details the effects the legislative text may have on current law and federal programs. Bill summaries are authored by the Congressional Research Service (CRS) of the Library of Congress. As stated in Public Law 91-510 (2 USC 166 (d)(6)), one of the duties of CRS is "to prepare summaries and digests of bills and resolutions of a public general nature introduced in the Senate or House of Representatives". For more information, refer to the User Guide that accompanies this file.